Bootstrapping a device

Bootstrapping is the process of securely pairing the device with the server. Here the initial trust between the device and the server is established through the exchange of keys. A typical bootstrap command will look like this and is given as an output from the qbee agent installation. This will be executed on the agent. If you are using a proxy or are interested in more options please go to the bottom of this page.

    sudo /opt/qbee/bin/qbee-bootstrap -k <bootstrap_key>


Depending on your platform this command might have a different path or command. Please refer to the output of your agent install.


The bootstrap key can be found in the menu below the user name.


This initiates the communication with the server. You will see a feedback on the agent command line how the bootstrap process is commencing. During the process the new device has to be accepted in the web app.


Your device needs to be able to resolve DNS and the firewall needs to allow to initiate output traffic. If problems occur under bootstrapping please try iptables -F OUTPUT. Then in qbee you go into configure->firewall and enable that for the resepctive devices. Even if the firewall is configured to "drop" all it enables qbee to get through.


Depending on your settings you can enable "auto accept" for a certain bootstrap key or alternatively you need to accept each device into the platform. The later is the default setting.

Check if the IP of the device and the request time is correct and then approve the device in the qbee UI under Devices -> Pending devices.


When the device is approved it takes a while before it is visible in the tree. Eventually it will appear under a group called "unassigned devices". This is important as there is no configuration associated with this group. First if you move the device into a group that has configuration or if you create a group and then define configuration this device is in a defined state. Do not forget to save the new tree

Make sure your device is not in unassigned devices

Any new device needs to be accepted in the "Pending devices" tab. When that is done it will appear under "unassigned devices" in the tree. Try reload the page if it does not appear. Only when you move it form "unassigned" into the main tree or any of your groups it will receive the valid configuration for that group and start working. Devices in the unassigned group are not working yet.


The qbee agent can be called with more options. The complete set of settings (from version > 1.2) can be seen here:

# sudo /opt/qbee/bin/qbee-bootstrap -h

  qbee-bootstrap [-h] [-k key] [-x proxy_address] [-X proxy_port] [-U proxy_user] [-P proxy_pass] [-m proxy_method] [-s server] [-p port] ``

    -h  Show this help text
    -k  Set the bootstrap key found in the user profile (required)
    -x  Specify a proxy host to use
    -X  Specify a proxy port to use (default: 3128)
    -U  Specify a proxy username
    -P  Specify a proxy password
    -m  Specify a proxy authentication method [ntlm|basic] (default: basic)
    -s  Set the server to bootstrap to. Don't set this if you are using (default:
    -p  Set the server port to bootstrap to. Don't set this if you are using (default: 443)


These settings allow to configure qbee connections through a proxy. Please note that we currently only support http proxy connections. But since the communication of the qbee agent is heighly encrypted this is no security concern.